This software allows for the conversion, extraction, and transformation of malware behavior data from "Malware Configuration And Payload Extraction" (CAPEv2) sandbox reports, to Structured Threat Information eXpression (STIX). This allows for further analysis to be performed, sharing of threat data, and transit to a graph database.
Added Documentation nearly finishing issue #2 (need Neo4j additions), made functionality for convert.py to remove STIX objects found in benign CAPE reports (additional converted reports can be added in cape2stix/scripts/benign/
mcutshaw
commented
1 year ago
Added Documentation nearly finishing issue #2 (need Neo4j additions), made functionality for convert.py to remove STIX objects found in benign CAPE reports (additional converted reports can be added in cape2stix/scripts/benign/